Pickle bouquet

3 和 4 则对应 Python 3. On this Wikipedia the language links are at the top of the page across from the article title. Look up Pickle pickle bouquet pickle in Wiktionary, the free dictionary.

If an internal link led you here, you may wish to change the link to point directly to the intended article. What can be pickled and unpickled? It is possible to construct malicious pickle data which will execute arbitrary code during unpickling. Never unpickle data that could have come from an untrusted source, or that could have been tampered with. This has implications both for recursive objects and object sharing. Recursive objects are objects that contain references to themselves.

These are not handled by marshal, and in fact, attempting to marshal recursive objects will crash your Python interpreter. Object sharing happens when there are multiple references to the same object in different places in the object hierarchy being serialized. Shared objects remain shared, which can be very important for mutable objects. Because its primary job in life is to support . Python implementers reserve the right to change the serialization format in non-backwards compatible ways should the need arise. Python releases provided a compatible pickle protocol is chosen and pickling and unpickling code deals with Python 2 to Python 3 type differences if your data is crossing that unique breaking change language boundary.

Unlike pickle, deserializing untrusted JSON does not in itself create an arbitrary code execution vulnerability. Python programs may not be able to reconstruct pickled Python objects. There are currently 6 different protocols which can be used for pickling. The higher the protocol used, the more recent the version of Python needed to read the pickle produced. Protocol version 1 is an old binary format which is also compatible with earlier versions of Python. Protocol version 2 was introduced in Python 2. PEP 307 for information about improvements brought by protocol 2.